mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-27 13:41:10 +01:00
Code Issues Projects Releases Wiki Activity

identity/oidc: adds claims_supported to discovery document (#16992)

Browse Source 
* identity/oidc: adds claims_supported to discovery document

* adds changelog
This commit is contained in:
Austin Gebauer 2022-09-02 09:19:25 -07:00 committed by GitHub
parent 3d5ed417c6
commit f7a50f3d26
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
changelog/16992.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
identity/oidc: Adds `claims_supported` to discovery document.
```

2
vault/identity_store_oidc_provider.go
View File

@ -159,6 +159,7 @@ type providerDiscovery struct {
IDTokenAlgs []string `json:"id_token_signing_alg_values_supported"` IDTokenAlgs []string `json:"id_token_signing_alg_values_supported"`
ResponseTypes []string `json:"response_types_supported"` ResponseTypes []string `json:"response_types_supported"`
Scopes []string `json:"scopes_supported"` Scopes []string `json:"scopes_supported"`
Claims []string `json:"claims_supported"`
Subjects []string `json:"subject_types_supported"` Subjects []string `json:"subject_types_supported"`
GrantTypes []string `json:"grant_types_supported"` GrantTypes []string `json:"grant_types_supported"`
AuthMethods []string `json:"token_endpoint_auth_methods_supported"` AuthMethods []string `json:"token_endpoint_auth_methods_supported"`
@ -1478,6 +1479,7 @@ func (i *IdentityStore) pathOIDCProviderDiscovery(ctx context.Context, req *logi
UserinfoEndpoint: p.effectiveIssuer + "/userinfo", UserinfoEndpoint: p.effectiveIssuer + "/userinfo",
IDTokenAlgs: supportedAlgs, IDTokenAlgs: supportedAlgs,
Scopes: scopes, Scopes: scopes,
Claims: []string{},
RequestParameter: false, RequestParameter: false,
RequestURIParameter: false, RequestURIParameter: false,
ResponseTypes: []string{"code"}, ResponseTypes: []string{"code"},

2
vault/identity_store_oidc_provider_test.go
View File

@ -3623,6 +3623,7 @@ func TestOIDC_Path_OpenIDProviderConfig(t *testing.T) {
Keys: basePath + "/.well-known/keys", Keys: basePath + "/.well-known/keys",
ResponseTypes: []string{"code"}, ResponseTypes: []string{"code"},
Scopes: []string{"test-scope-1", "openid"}, Scopes: []string{"test-scope-1", "openid"},
Claims: []string{},
Subjects: []string{"public"}, Subjects: []string{"public"},
IDTokenAlgs: supportedAlgs, IDTokenAlgs: supportedAlgs,
AuthorizationEndpoint: "/ui/vault/identity/oidc/provider/test-provider/authorize", AuthorizationEndpoint: "/ui/vault/identity/oidc/provider/test-provider/authorize",
@ -3678,6 +3679,7 @@ func TestOIDC_Path_OpenIDProviderConfig(t *testing.T) {
Keys: basePath + "/.well-known/keys", Keys: basePath + "/.well-known/keys",
ResponseTypes: []string{"code"}, ResponseTypes: []string{"code"},
Scopes: []string{"test-scope-2", "openid"}, Scopes: []string{"test-scope-2", "openid"},
Claims: []string{},
Subjects: []string{"public"}, Subjects: []string{"public"},
IDTokenAlgs: supportedAlgs, IDTokenAlgs: supportedAlgs,
AuthorizationEndpoint: testIssuer + "/ui/vault/identity/oidc/provider/test-provider/authorize", AuthorizationEndpoint: testIssuer + "/ui/vault/identity/oidc/provider/test-provider/authorize",